To replace the Administration Server certificate,
On the administrator host where the KDT utility is located, run the following command:
./kdt invoke ksc --action klsetsrvcert --param ksc_server_certificate=<path_to_new_certificate> --param ksc_server_cert_pass=<password>
where:
<path_to_new_certificate> is the path to the container with the certificate and a private key in the PKCS #12 format (file with the .P12 or .PFX extension).<password> is the password used for protection of the PKCS #12 container. The certificate and a private key are stored in the container, therefore, the password is required to decrypt the file with the container.By default, certificate validation parameters are not specified, a custom certificate without signing permission is used. You can replace the common certificate for port 13000.
You do not need to download the klsetsrvcert utility. It is included in the Kubernetes cluster and is not available for direct running. You can run the klsetsrvcert utility only by using KDT from the administrator host.